Case Management

LogicHub provides an integrated case management capability for you to track activity related to investigations of threats and other security issues.

📘

Note

To view or work with cases, you must be in a group that has Case Management permission. For more information, see Manage users.

You can add comments and attachments to a case and create tasks to assign to selected users. Case history is automatically created for each case action. For details on creating cases, see Create cases to track work in LogicHub.

The cases and tasks that people in your organization create are available to all users in your organization. You can search for cases using Basic Filters or Advanced Queries.

LogicHub also supports commands to assist in case analysis. Any command that a LogicHub user in your organization creates can be added to a case. The command output becomes part of the case record and is available to aid in an investigation without requiring back and forth between LogicHub and external systems. For information on creating commands, see Create Commands for Cases.


Did this page help you?